182 Incident Response jobs in Singapore

Constangy, Brooks, Smith & Prophete seeks an associate attorney to join our Cybersecurity & Data Privacy practice group. We are able to support a fully remote working set up for this role from anywhere in the contiguous US. The ideal candidate will have prior experience handling data privacy and cybersecurity matters, with a particular focus in incident response. We work with clients when their organization is most vulnerable, and as a result, this attorney must remain calm during crises and proactively communicate throughout the engagement. This candidate will work with a Partner to provide counsel to clients who find themselves at risk as a result of network intrusions, business email compromise or data breaches. Candidates must have excellent academic credentials, strong writing, communication and analytical skills, along with the ability to manage multiple projects in a fast-paced environment. Responsiveness and exceptional customer service skills are required. Effective management of billable hours is key to this position. A successful candidate will be a self-starter with the ability to work independently in order to meet critical deadlines, in addition to working collaboratively on projects as part of a larger team. CIPP/US, CIPP/E and/or CISSP certifications preferred, but not required.

We encourage interested candidates to complete an application; however, candidate materials can also be submitted directly to our National Recruiting Manager, Nicholas Golden at

We are not accepting search firm submissions for this role, at this time.

Constangy, Brooks, Smith & Prophete LLP is an Equal Employment Opportunity employer committed to providing equal opportunity in all of our employment practices, including but not limited to selection, hiring, assignment, re-assignment, promotion, transfer, and compensation. Our Firm prohibits discrimination, harassment, or retaliation in employment based on race, color, religion, national origin, sex (including pregnancy), gender, gender expression or identity, change of sex or transgender status, sexual orientation, age, disability, genetic information, citizenship status, military or veteran status, or any other category protected by applicable federal, state, or local law.

Press Tab to Move to Skip to Content Link
Select how often (in days) to receive an alert: Create Alert
At Tetra Pak we commit to making food safe and available, everywhere; and we protect what's good – protecting food, protecting people, and protecting the planet. By doing so we touch millions of people's lives every day.
And we need people like you to make it happen.
We empower you to reach your potential with opportunities to make an impact to be proud of – for food, people and the planet.
The Incident Response (IR) Lead leads a 24/7 virtual team who monitor and respond to ISIRT major incidents. This role requires management of Incident Response activities and team communication with SOC analysts, SME and other IT technical personnel. This role is also required to work closely with stakeholders and cybersecurity’s leadership team. Additionally, the Incident Response Lead will ensure staff members prioritize their work related to suspected and confirmed incidents, which may vary in severity and impact. The Incident Response Lead will direct analysts to investigate, validate, remediate and communicate known details about the incident and is a point of contact for escalation.
Due to coverage requirements, this is a permanent position based in a country within the Asia time zone.
What you will do
Role and responsibilities:
The Incident Response Lead will analyze and organize to help the team rank complex work. As a central figure, Incident Response Lead brings order to a fast-paced, constantly evolving operation. Incident Response Lead to enforce policies, playbooks and methodologies, which have been adopted for the best course of action.
Personal, organizational, communication and analytical skills are vital, as well as the ability to communicate effectively with cybersecurity leadership. This role requires technical aptitude, and managers are also expected to be adept at working well with people who will be under stress and subject to burnout.
Key Responsibilities:

• Manage a team of incident responders for ISIRT response and interact with cybersecurity leadership and business stakeholders.
• Coordinate and ensure ISIRT incidents are prioritized at all hours of the day.
• Implement a cross-functional team of analysts working closely with cybersecurity, IT and developers.
• Serve as a point of escalation and incident commander.
• Review ISIRT incidents that may be related to ransomware, host compromise, account compromise, phishing, anomalous user behavior, third parties and data leakage.
• Ensure the ISIRT response team is following processes embraced by leadership and adhering to best practices.
• Measure and give feedback to the team to improve mean time to respond, key performance indicators (KPIs) and service-level objectives.
• Proactively adjust to upcoming company changes affecting the operation to modify ISIRT response processes.
• Possess advanced knowledge of attackers’ methods of escalation; lateral movement; and tactics, techniques and procedures.
• Present incident analysis and trend reporting to leadership, highlighting KPIs.
• Review events and process effectiveness and make recommendations for change to leadership.
• Require participation in ISIRT tabletop exercises designed to identify gaps, improve skills, enhance communication and engage with key stakeholders.
• Oversee IR playbooks, policies, procedures and guidelines to ensure they align with industry best practices.
• Collaborate with infrastructure, IT, vulnerability, threat intelligence and application security leads.
• Participate in monitoring internal and external events and stay tightly aligned with infrastructure and third-party, hosted, on-premises and end-user systems.
• Review and communicate ISIRT incident details from initial investigation through root cause analysis and post-mortem.
• Maintain operational rigor and recognize when team members need time away to refocus and refresh.
• Identify strengths and weaknesses in ISIRT team members and provide training to improve skills and knowledge.
• Remain current with emerging threats and share knowledge with colleagues to improve incident response. Perform other duties as assigned.

We believe you have
Strong organizational and team management skills are required to excel in this role, as well as previous experience in security administration, IR and security operations center (SOC) roles.
Seven-plus years’ experience in security administration and SOC, with three-plus years’ security IR.
Demonstrated experience leading people both in person and remotely distributed.
Self-aware and capable of remaining calm under intense pressure.
Strong written and oral communication skills across varying levels of the organization.
Excellent judgment and the ability to make quick decisions when working with complex situations.
Organized, with the ability to prioritize and respond within defined SLAs and maintain composure.
Understanding of threats and vulnerabilities, as well as principles of ISIRT incident response and chain of custody.
Knowledge with multiple solutions such as security orchestration, automation and response; SIEM; threat intelligence platform; directory services; malware sandboxes; vulnerability management; MITRE ATT&CK; IR playbooks; and endpoint/extended detection and response
Generally familiar with one or more but not limited to: NIST, ISO 27001, NIS 2, CRA
Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
High degree of integrity, trustworthiness, professionalism and character.
Education Requirements:
Bachelor’s degree preferred in cybersecurity, computer science, engineering or related field.
Certification in CRISC, CISSP, CISA, CISM will be a plus.
We Offer You
A variety of exciting challenges with ample opportunities for development and training in a truly global landscape
A culture that pioneers a spirit of innovation where our industry experts drive visible results
An equal opportunity employment experience that values diversity and inclusion
Market competitive compensation and benefits with flexible working arrangements
Apply Now
If you are inspired to be part of our promise to protect what’s good; for food, people, and the planet, apply through our careers page at .
If you have any questions about your application, please contact
Ephraim Kwa .
Diversity, equity, and inclusion is an everyday part of how we work. We give people a place to belong and support to thrive, an environment where everyone can be comfortable being themselves and has equal opportunities to grow and succeed. We embrace difference, celebrate people for who they are, and for the diversity they bring that helps us better understand and connect with our customers and communities worldwide.
#J-18808-Ljbffr

Our Mission

Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are built on challenging and disrupting the way things are done, and we seek innovators who are committed to shaping the future of cybersecurity.

Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and believe that the unique ideas of every team member contribute to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday – from disruptive innovation and collaboration to execution, from showing up for each other with integrity to creating an environment where we all feel included.

Job Description As a Principal Consultant in Unit 42, the individual will be responsible for managing incident response engagements with our largest clients and in our most complex engagements. They will become the go‑to expert for clients during high‑priority incident response, remediation, and recovery phases, providing strategic guidance and technical oversight while focusing on product integration. The role requires in‑depth cybersecurity expertise to serve as an incident commander throughout the incident response lifecycle. While actively involved in incident response service delivery, this person also works with peers and the executive team to enhance Unit 42’s incident response practice, including developing and improving the technical and operating methodologies employed during incident response engagements.

• Lead the team delivering high‑profile, high‑stakes enterprise level incident response engagements
• Provide hands‑on, expert‑level incident response services to clients and deliver findings to CxO and/or Board of Directors
• Partner with the Unit 42 Directors, executive team and service line leaders to develop and execute strategy for the Unit 42 Digital Forensics & Incident Response (DFIR) practice, as well as continuously advance the maturity of our services
• Drive innovation in Unit 42’s reactive offerings, by leading the consulting team and collaborating with cross‑functional teams to bring new capabilities and services to market that leverage Palo Alto Networks products
• Ensure the consistency and quality of our services and highest level of customer service
• Integrate threat intelligence into our services by deepening the feedback loop with Unit 42 Threat Intelligence team and telemetry
• Recruit and onboard world class Incident Response talent to support our growth goals
• Support the professional growth and development of our consultants through training and technical enablement
• Foster and maintain a culture that attracts and retains smart, kind team members dedicated to executing with excellence
• Identify and execute strategies for service development, enablement, and process that result in the pull through of Palo Alto Networks products
• Cultivate and maintain relationships with key clientele to increase awareness of Unit 42’s capabilities and provide on‑demand expertise for client needs
• Amplify Unit 42’s presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure

• 6 years of hands‑on professional experience in incident response, with 3 years experience in client‑facing consulting roles
• Demonstrated prior experience and success in leading multi‑site, large scale incident response engagements, including scoping work, managing incident response engagements end‑to‑end and providing guidance on tactical and longer‑term remediation recommendations
• Experience in managing, leading and motivating consultants at all levels
• Experience as a team leader including overseeing other senior and mid‑level analyst/consultant teams
• Ability to travel as needed to meet business demands
• Able to split your time across commercial support, client delivery, team coaching, and technical expertise and skills maintenance activities
• Strong presentation, communication, and presentation skills with verifiable industry experience communicating at CxO and/or Board of Directors level
• Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
• Deep technical experience and operational understanding of major operating systems (Microsoft Windows, Linux, or Mac) and/or proficiency in host based forensics, network forensics and cloud incident response
• Endpoint Detection and Response (EDR), threat hunting, log analysis, and triage forensics
• Collection and analysis of host and cloud based forensic data at scale
• Client services mindset and top‑notch client management skills
• Experienced‑based understanding of clients’ needs and desired outcomes in incident response investigations
• Demonstrated writing ability, including technical reports, business communication, and thought leadership pieces
• Operates with a hands‑on approach to service delivery with a bias toward collaboration and teamwork
• Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading solutions to address client needs
• Be a valuable contributor to the practice and, specifically develop an external presence via public speaking, conferences, and/or publications
• Have credibility, executive presence, and gravitas
• Able to have a meaningful and rapid delivery contribution
• Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
• Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent relevant experience or equivalent military experience required to meet job requirements and expectations
• Professional industry certifications such as: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Incident Handler (GCIH)

• Associate

• Full‑time

• Consulting

• Computer and Network Security

The Business Incident Response (BIR) team is a specialized group that provides rapid and holistic resolution of critical escalations that threaten businesses' and partners' brands, relationships, and revenue streams. The team offers dedicated support to advertisers globally who experience friction on our platforms. By leveraging cross-functional partnerships, the BIR team delivers an immediate and personalized experience for constituents and stakeholders during times of crisis. The team operates off-process and overrides barriers to ensure swift issue resolution, prioritizing resources dynamically to assume ownership over mission-critical incidents.The escalations handled by the BIR team are complex and require experience in areas such as operations, policy, process, and project management. The team comprises best-in-class specialists who leverage their skills to deliver outsized impact.To succeed on the BIR team, candidates should be passionate about social media, real-time crisis management, and working collaboratively in a fast-paced environment. Candidates should have a high level of interest in customer support and working cross-functionally with multiple domains, including policy and process. Candidates will have to navigate ambiguity and have the capacity to make quality decisions while remaining unbiased and open to feedback. Candidates will be communicating relevant content and context to inform and enable internal and external partners, including executive level communication.The role will be based in Singapore.

• Review, investigate and coordinate the end-to-end resolution of executive-level incidents in adherence with the respective process and policy frameworks
• Communicate effectively with multiple stakeholders, including external clients, internal partners and the leadership group
• Serve as the primary communication channel on critical escalations
• Cooperate with a wide group of cross-functional partners across the business, including those outside of your domain expertise, to coordinate the work and develop long-lasting relationships
• Successfully execute assigned tasks and/or project work, ensuring that goals are met within scope and timelines
• Join and/or organize group meetings to effectively discuss, and occasionally present, on many business matters including core work, projects, and strategy
• Perform root-cause analysis and/or draft post-mortem reports to identify areas of opportunity and issue recommendations to the appropriate audience
• Drive innovation by contributing towards resolving problem statements and proposing improvements to existing processes
• Attend mandatory training and seek knowledge in areas of interest to the business
• Be an expert on interpreting and enforcing Meta's policies and use sound judgment, specific knowledge, signals and insights to drive scalable solutions to support Meta and our users
• Adopt best practices in order to achieve individual and collective goals

• 3+ years of experience working in large-scale operations, domains such as online operations, escalations, informational systems, compliance, risk management, policy, legal operations, management consulting or related fields
• Demonstrated understanding of how the broader social media landscape operates in the industry
• Demonstrated experience thinking strategically about complex issues leading to thoughtful recommendations, and making quality decisions when dealing with ambiguous situations
• Demonstrated experience navigating ambiguous situations
• Experienced working within fast-paced environments, handling multiple workstreams and maintaining effective communication with all stakeholders, both internal and external

• Experience with analytical tools (i.e. Excel, SQL, Tableau) and influencing others leveraging data and analysis
• Familiarity with Meta's suite of products
• Proficiency in another language spoken in Asia Pacific (business fluent)
• Experience working directly with global, cross-functional teams to solve issues and develop solutions
• Understanding of the power of social media for businesses and the issues that are inherent to it
• Degree in Science, Technology, Engineering, and Mathematics (S.T.E.M)

Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.

Individual compensation is determined by skills, qualifications, experience, and location. Compensation details listed in this posting reflect the base hourly rate, monthly rate, or annual salary only, and do not include bonus, equity or sales incentives, if applicable. In addition to base compensation, Meta offers benefits. Learn more about benefits at Meta.

Technical Skills

• Strong expertise in incident response, threat hunting, and forensic analysis.
• Experience with SIEM tools (e.g., Elastic, Splunk).
• Proficiency in network security, malware analysis, and log analysis.
• Familiarity with cloud security (AWS, Azure, GCP) and container security.
• Experience with cloud security tools and AI-powered security analytics (AWS Guard Duty, Azure Sentinel, Google Chronicle).
• Familiarity with AI/ML-driven anomaly detection and behavioral analysis techniques.
• Knowledge of security solutions (EDR, XDR, NDR, WAF, Proxy, Firewall, Email Security).
• Scripting and automation skills (Python, PowerShell, Bash).
• Deep understanding of the MITRE ATT&CK framework, cyber kill chain, and machine learning models for cybersecurity applications.
• Excellent communication and report-writing skills and the ability to work under pressure scenarios.

Job Types: Full-time, Permanent

Benefits:

• Health insurance

Company Description

Our Mission

At Palo Alto Networks everything starts and ends with our mission:

Being the cybersecurity partner of choice, protecting our digital way of life.

Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Who We Are

We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included.

As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few

At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work full time from our office with flexibility offered where needed. This setup fosters casual conversations, problem-solving, and trusted relationships. Our goal is to create an environment where we all win with precision.

Job Description

Your Career

As a Principal Consultant in Unit 42 the individual will be responsible for managing incident response engagements with our largest clients and in our most complex engagements. They will become the go-to expert for clients during high-priority incident response, remediation, and recovery phases, providing both strategic guidance and technical oversight, while also focusing on product integration. The role requires in-depth cybersecurity expertise to enable serving as an incident commander throughout the incident response lifecycle.

While actively involved in incident response service delivery, this person also works with peers and the executive team to enhance Unit 42's incident response practice, including developing and improving the technical and operating methodologies employed during incident response engagements.

We are seeking an individual who is dedicated to delivering highly technical consulting services to an exceptional standard, thrives in a fast paced team environment, and advocates for innovative approaches to deliver the best outcomes for our cross-sector clients.

Your Impact

• Lead the team delivering high-profile, high-stakes enterprise level incident response engagements
• Provide hands-on, expert-level incident response services to clients and deliver findings to CxO and/or Board of Directors
• Partner with the Unit 42 Directors, executive team and service line leaders to develop and execute strategy for the Unit 42 Digital Forensics & Incident Response (DFIR) practice, as well as continuously advance the maturity of our services
• Drive innovation in Unit 42's reactive offerings, by leading the consulting team and collaborating with cross-functional teams to bring new capabilities and services to market that leverage Palo Alto Networks products
• Ensure the consistency and quality of our services and highest level of customer service
• Integrate threat intelligence into our services by deepening the feedback loop with Unit 42 Threat Intelligence team and telemetry
• Recruit and onboard world class Incident Response talent to support our growth goals
• Support the professional growth and development of our consultants through training and technical enablement
• Foster and maintain a culture that attracts and retains smart, kind team members dedicated to executing with excellence
• Identify and execute strategies for service development, enablement, and process that result in the pull through of Palo Alto Networks products
• Cultivate and maintain relationships with key clientele to increase awareness of Unit 42's' capabilities and provide on-demand expertise for client needs
• Amplify Unit 42s' presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure

Qualifications

Your Experience

• 6 years of hands-on professional experience in incident response, with 3 years experience in client-facing consulting roles.
• Demonstrated prior experience and success in leading multi-site, large scale incident response engagements, including scoping work, managing incident response engagements end-to-end and providing guidance on tactical and longer term remediation recommendations
• Experience in managing, leading and motivating consultants at all levels
• Experience as a team leader including overseeing other senior, and mid-level analyst/consultant teams
• Ability to travel as needed to meet business demands
• Able to split your time across commercial support, client delivery, team coaching, and technical expertise and skills maintenance activities.
• Strong presentation, communication, and presentation skills with verifiable industry experience communicating at CxO and/or Board of Directors level
• Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
• Deep technical experience  and operational understanding of major operating systems (Microsoft Windows, Linux, or Mac) and/or proficiency in host based forensics, network forensics and cloud incident response.
• Endpoint Detection and Response (EDR), threat hunting, log analysis,and triage forensics
• Collection and analysis of host and cloud based forensic data at scale.
• Client services mindset and top-notch client management skills
• Experienced-based understanding of clients' needs and desired outcomes in incident response investigations
• Demonstrated writing ability, including technical reports, business communication, and thought leadership pieces
• Operates with a hands-on approach to service delivery with a bias towards collaboration and teamwork
• Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading  solutions to address client needs.
• Be a valuable contributor to the practice and, specifically develop an external presence via public speaking, conferences, and/or publications
• Have credibility, executive presence, and gravitas
• Able to have a meaningful and rapid delivery contribution
• Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
• Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
• Bachelor's Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent relevant experience or equivalent military experience required to meet job requirements and expectations.
• Professional industry certifications such as: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Incident Handler (GCIH)

Additional Information

The Team

Unit 42 Consulting is Palo Alto Network's security advisory team.  Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide an effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients' security posture.

Our Commitment

We're problem solvers that take risks and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at  

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

About The Role:

Our client is looking for a highly motivated, self-driven, incident response consultant dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. Our client's Services team offers opportunities to expand your skill set through a wide variety of engagements including front page incident response investigations for organizations you'll find on the annual Fortune 100 list.

What You'll Do:

• Serve as technical lead on incident response engagements
• Develop and use new methods to hunt for bad actors across large sets of data.
• Work under the direction of outside counsel to conduct intrusion investigations
• Perform host and/or network-based forensics across Windows, Mac, and Linux platforms.
• Produce high-quality written and verbal reports, presentations, recommendations, and findings to key stakeholders including customer management, regulators, and legal counsel .
• Demonstrate industry thought leadership through blog posts, and other public speaking events.

What You'll Need:

Successful candidates will have experience in one or more of the following areas:

• Successful candidates will have experience in one or more of the following areas:
• Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists.
• Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise.
• Network Forensic Analysis: strong knowledge of network protocols, network analysis tools like Bro/Zeek or Suricata, and ability to perform analysis of associated network logs.
• Reverse Engineering: ability to understand the capabilities of static and dynamic malware analysis.
• Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
• Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations.
• Cloud Incident Response: knowledge in AWS, Azure, or GCP incident response methodologies.
• Communications: strong ability to communicate executive and/or detailed level findings to clients; ability to effectively communicate tasks, guidance, and methodology with internal teams
• Capable of completing technical tasks without supervision.
• Desire to grow and expand both technical and soft skills.
• Strong project management skills.
• Contributing thought leader within the incident response industry.
• Ability to foster a positive work environment and attitude.

Good to have:

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Forensic Analyst (GCFA) or GCFE or GCFR
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• OSCP / OSCE (Offensive Security certifications for more offensive/technical IR work)
• Cloud incident response (AWS, Azure, GCP)

Education:

BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.

Our Mission
Our Mission
At Palo Alto Networks everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are built on challenging and disrupting the way things are done, and we seek innovators who are committed to shaping the future of cybersecurity.
Who We Are
Who We Are
We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and believe that the unique ideas of every team member contribute to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday – from disruptive innovation and collaboration to execution, from showing up for each other with integrity to creating an environment where we all feel included.
Job Description
Job Description
As a Principal Consultant in Unit 42, the individual will be responsible for managing incident response engagements with our largest clients and in our most complex engagements. They will become the go‐to expert for clients during high‐priority incident response, remediation, and recovery phases, providing strategic guidance and technical oversight while focusing on product integration. The role requires in‐depth cybersecurity expertise to serve as an incident commander throughout the incident response lifecycle. While actively involved in incident response service delivery, this person also works with peers and the executive team to enhance Unit 42’s incident response practice, including developing and improving the technical and operating methodologies employed during incident response engagements.
Your Impact
Lead the team delivering high‐profile, high‐stakes enterprise level incident response engagements
Provide hands‐on, expert‐level incident response services to clients and deliver findings to CxO and/or Board of Directors
Partner with the Unit 42 Directors, executive team and service line leaders to develop and execute strategy for the Unit 42 Digital Forensics & Incident Response (DFIR) practice, as well as continuously advance the maturity of our services
Drive innovation in Unit 42’s reactive offerings, by leading the consulting team and collaborating with cross‐functional teams to bring new capabilities and services to market that leverage Palo Alto Networks products
Ensure the consistency and quality of our services and highest level of customer service
Integrate threat intelligence into our services by deepening the feedback loop with Unit 42 Threat Intelligence team and telemetry
Recruit and onboard world class Incident Response talent to support our growth goals
Support the professional growth and development of our consultants through training and technical enablement
Foster and maintain a culture that attracts and retains smart, kind team members dedicated to executing with excellence
Identify and execute strategies for service development, enablement, and process that result in the pull through of Palo Alto Networks products
Cultivate and maintain relationships with key clientele to increase awareness of Unit 42’s capabilities and provide on‐demand expertise for client needs
Amplify Unit 42’s presence and credibility in the marketplace through thought leadership, including via speaking engagements, articles, whitepapers, and media exposure
Qualifications
6 years of hands‐on professional experience in incident response, with 3 years experience in client‐facing consulting roles
Demonstrated prior experience and success in leading multi‐site, large scale incident response engagements, including scoping work, managing incident response engagements end‐to‐end and providing guidance on tactical and longer‐term remediation recommendations
Experience in managing, leading and motivating consultants at all levels
Experience as a team leader including overseeing other senior and mid‐level analyst/consultant teams
Ability to travel as needed to meet business demands
Able to split your time across commercial support, client delivery, team coaching, and technical expertise and skills maintenance activities
Strong presentation, communication, and presentation skills with verifiable industry experience communicating at CxO and/or Board of Directors level
Expert level of knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance
Deep technical experience and operational understanding of major operating systems (Microsoft Windows, Linux, or Mac) and/or proficiency in host based forensics, network forensics and cloud incident response
Endpoint Detection and Response (EDR), threat hunting, log analysis, and triage forensics
Collection and analysis of host and cloud based forensic data at scale
Client services mindset and top‐notch client management skills
Experienced‐based understanding of clients’ needs and desired outcomes in incident response investigations
Demonstrated writing ability, including technical reports, business communication, and thought leadership pieces
Operates with a hands‐on approach to service delivery with a bias toward collaboration and teamwork
Track record of championing innovation and improvement initiatives for your area of expertise, identifying emerging trends and technologies and developing leading solutions to address client needs
Be a valuable contributor to the practice and, specifically develop an external presence via public speaking, conferences, and/or publications
Have credibility, executive presence, and gravitas
Able to have a meaningful and rapid delivery contribution
Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
Be collaborative and able to build relationships internally, externally, and across all PANW functions, including the sales team
Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent relevant experience or equivalent military experience required to meet job requirements and expectations
Professional industry certifications such as: GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Incident Handler (GCIH)
Seniority Level
Associate
Employment Type
Full‐time
Job Function
Consulting
Industries
Computer and Network Security
#J-18808-Ljbffr